forked from grafana/grafana
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathaccesscontrol.go
50 lines (43 loc) · 1.66 KB
/
accesscontrol.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
package datasources
import "github.com/grafana/grafana/pkg/services/accesscontrol"
const (
ScopeRoot = "datasources"
ScopePrefix = ScopeRoot + ":uid:"
ActionRead = "datasources:read"
ActionQuery = "datasources:query"
ActionCreate = "datasources:create"
ActionWrite = "datasources:write"
ActionDelete = "datasources:delete"
ActionIDRead = "datasources.id:read"
ActionPermissionsRead = "datasources.permissions:read"
ActionPermissionsWrite = "datasources.permissions:write"
)
var (
ScopeID = accesscontrol.Scope("datasources", "id", accesscontrol.Parameter(":datasourceId"))
ScopeAll = accesscontrol.GetResourceAllScope(ScopeRoot)
ScopeProvider = accesscontrol.NewScopeProvider(ScopeRoot)
)
var (
// ConfigurationPageAccess is used to protect the "Configure > Data sources" tab access
ConfigurationPageAccess = accesscontrol.EvalAny(
accesscontrol.EvalPermission(accesscontrol.ActionDatasourcesExplore),
accesscontrol.EvalPermission(ActionCreate),
accesscontrol.EvalAll(
accesscontrol.EvalPermission(ActionRead),
accesscontrol.EvalAny(
accesscontrol.EvalPermission(ActionDelete),
accesscontrol.EvalPermission(ActionWrite),
),
),
)
// NewPageAccess is used to protect the "Configure > Data sources > New" page access
NewPageAccess = accesscontrol.EvalAll(
accesscontrol.EvalPermission(ActionRead),
accesscontrol.EvalPermission(ActionCreate),
)
// EditPageAccess is used to protect the "Configure > Data sources > Edit" page access
EditPageAccess = accesscontrol.EvalAll(
accesscontrol.EvalPermission(ActionRead),
accesscontrol.EvalPermission(ActionWrite),
)
)